Pop-up windows, adware + registry warnings
#0
15.08.2006, 15:18
Member
Posts: 12
15.08.2006, 15:36
Moderator
Posts: 6466
#2
You would do well to take the zombie computer off the network and format it. It doesn't "belong" to you anymore anyway... It is more of a danger to other computers than it is of any use to you. Wipe it, and install SP2 in future.
__________ Search --> Select --> Examine
15.08.2006, 15:48
Member
Thread starter Posts: 12
#3
just great....I only formatted it this morning...no sh......so once again...what do you mean by SP2?
and a kind of pop-up blocker has installed itself...which isn't one though...it's called MIRAR
here is the hijackthis report:
Logfile of HijackThis v1.99.1
Scan saved at 15:17:40, on 15.08.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS.5\System32\smss.exe
C:\WINDOWS.5\system32\csrss.exe
C:\WINDOWS.5\system32\winlogon.exe
C:\WINDOWS.5\system32\services.exe
C:\WINDOWS.5\system32\lsass.exe
C:\WINDOWS.5\system32\svchost.exe
C:\WINDOWS.5\System32\svchost.exe
C:\WINDOWS.5\System32\svchost.exe
C:\WINDOWS.5\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS.5\System32\hkcmd.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\T-Online\DSL-Manager\TODslMgr.exe
C:\WINDOWS.5\System32\csrs.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\dih.exe
C:\WINDOWS.5\System32\ctfmon.exe
C:\WINDOWS.5\system32\spoolsv.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS.5\System32\wdfmgr.exe
C:\Programme\T-Online\DSL-Manager\TODslSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\PROFIL~1.EXE
C:\WINDOWS.5\System32\spooIsv.exe
C:\PROGRA~1\ICQLite\ICQLite.exe
C:\WINDOWS.5\System32\dfrgfat32.exe
C:\WINDOWS.5\System32\winIogon.exe
c:\dfndrfh_10.exe
C:\WINDOWS.5\System32\rundll32.exe
c:\kybrdfh_10.exe
C:\WINDOWS.5\thiselt.exe
C:\WINDOWS.5\RmFubnkgV2Vp3w\command.exe
c:\ac3_0010.exe
C:\WINDOWS.5\System32\RUNDLL32.EXE
c:\ucmoreiex.exe
c:\nwnmfh_10.exe
C:\Programme\Network Monitor\netmon.exe
C:\WINDOWS.5\explorer.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\GEMEIN~1\imzw\imzwm.exe
C:\PROGRA~1\GEMEIN~1\imzw\imzwa.exe
C:\Dokumente und Einstellungen\Fanny Weiß.FANNY\Desktop\hijackthis\HijackThis.exe
C:\WINDOWS.5\system32\badsci.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Programme\SurfSideKick 3\SskBho.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Programme\Deskbar\deskbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS.5\System32\WinNB57.dll
O2 - BHO: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Programme\Deskbar\deskbar.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.5\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS.5\System32\WinNB57.dll
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Programme\TheSearchAccelerator\UCMTSAIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS.5\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS.5\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS.5\System32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS.5\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [T-Online DSL-Manager] "C:\Programme\T-Online\DSL-Manager\TODslMgr.exe"
O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS.5\System32\csrs.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DHCP Hotfix] C:\dih.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Programme\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS.5\System32\spooIsv.exe
O4 - HKLM\..\Run: [Microsoft Windows Update Application] mnsvserv.exe
O4 - HKLM\..\Run: [MS Service Drivers] winscv.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS.5\System32\winIogon.exe
O4 - HKLM\..\Run: [defender] c:\\dfndrfh_10.exe
O4 - HKLM\..\Run: [keyboard] c:\\kybrdfh_10.exe
O4 - HKLM\..\Run: [pop06apelt] C:\WINDOWS.5\thiselt.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Programme\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [fjs0a0c0] RUNDLL32.EXE w055c9ca.dll,n 0030a0bd0000000a055c9ca
O4 - HKLM\..\Run: [newname] c:\\nwnmfh_10.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update Application] mnsvserv.exe
O4 - HKLM\..\RunServices: [MS Service Drivers] winscv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.5\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Programme\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\PROGRA~1\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS.5\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS.5\web\related.htm
O10 - Broken Internet access because of LSP provider 'spacklsp.dll' missing
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3E73157-9589-4B5E-BCBE-38EFA63548C1}: NameServer = 217.237.151.33 217.237.149.225
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: cbxxwtr - C:\WINDOWS.5\SYSTEM32\cbxxwtr.dll
O20 - Winlogon Notify: Control Panel - C:\WINDOWS.5\system32\rachost.dll
O20 - Winlogon Notify: Extensions - C:\WINDOWS.5\system32\mFg_hook.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS.5\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS.5\RmFubnkgV2Vp3w\command.exe
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS.5\System32\dfrgfat32.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Programme\Network Monitor\netmon.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe